A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc. The breach, allegedly carried out by a collective known as IntelBroker in collaboration with EnergyWeaponUser and zjj, has raised significant concerns across the tech industry. Details of…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Fortigate SSLVPN Vulnerability Exploited in the Wild
A critical vulnerability in Fortinet’s FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in the wild. This format string flaw vulnerability has raised significant concerns due to its potential for remote code execution. The flaw allows attackers to control format…
Splunk Enterprise Vulnerabilities let Attackers Execute Remote Code
Splunk has disclosed multiple vulnerabilities affecting its Enterprise product, which could allow attackers to execute remote code. These vulnerabilities, primarily affecting Windows installations, highlight the critical need for organizations to update and secure their systems promptly. Overview of the Security…
TrickMo Malware Targets Android Devices to Steal Unlock Patterns and PINs
The recent discovery of the TrickMo Banking Trojan variant by Cleafy has prompted further investigation, where researchers have identified 40 variants, 16 droppers, and 22 active Command and Control servers associated with this threat. These variants employ advanced techniques like…
CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address
Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies and connecting to various IP addresses. It establishes multiple backdoor connections and monitors user activity through Windows UI element hooks, which poses a significant security risk…
OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details
Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on critical infrastructure in the UAE and wider Gulf region. The group employs sophisticated techniques to gain unauthorized access and exfiltrate sensitive data, such as using a…
pac4j Java Framework Vulnerable to RCE Attacks
A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module. This vulnerability, identified as CVE-2023-25581, exposes systems to potential remote code execution (RCE) attacks due to…
Beware of Fake AI Scam calls that Takeover your Gmail Account
Scammers use sophisticated AI technology to impersonate tech giants like Google, aiming to take over unsuspecting users’ Gmail accounts. A recent incident highlights these fraudsters’ cunning tactics, underscoring the need for heightened vigilance. The Initial Contact: A Suspicious Notification The…
Zendesk Email Spoofing Flaw Let Attackers Access Support Tickets
A security vulnerability in Zendesk, a widely used customer service tool, has been uncovered. This flaw allowed attackers to access support tickets from any company using Zendesk, posing significant risks to sensitive information. Zendesk initially dismissed the vulnerability, which involved…
18 Individuals Charged for Widespread Manipulation Cryptocurrency Markets
18 individuals and entities have been charged with widespread fraud and manipulation within the cryptocurrency markets. The charges, unsealed in Boston, target leaders of four cryptocurrency companies, four financial services firms known as “market makers,” and various employees. This case…
Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication
Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication on cryptocurrency exchanges, which is designed specifically for NAF (New Account Fraud) attacks and can create verified but synthetic accounts by mimicking facial recognition authentication. By…
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks. With a CVSS base score of 9.8, the flaw is identified as Use-after-free in the Animation timeline component tracked as CVE-2024-9680 reported…
Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users
Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide. The flaw, identified as CVE-2024-43047, is a use-after-free vulnerability resulting from memory corruption in the DSP Services while maintaining memory maps of HLOS memory. Vulnerability in Qualcomm…
Wireshark 4.4.1 Released, What’s new!
Wireshark, the world’s leading network protocol analyzer, has just released version 4.4.1, bringing a host of bug fixes and updates to enhance user experience and functionality. Hosted by the Wireshark Foundation, this tool is indispensable for troubleshooting, analysis, development, and…
Foxit PDF Reader Vulnerability Let Attackers Execute Arbitary Code
Researchers recently disclosed six new security vulnerabilities across various software, as one critical vulnerability was found in Foxit PDF Reader, a widely used alternative to Adobe Acrobat. Given the memory corruption vulnerability, attackers could execute arbitrary code on the machine…
Multiple VMware NSX Vulnerabilities Let Attackers Gain Root Access
VMware has disclosed multiple vulnerabilities in its NSX product line that could potentially allow attackers to gain root access. The vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, affect both VMware NSX and VMware Cloud Foundation. According to the Broadcom report,…
CISA Added Fortinet & Ivanti Vulnerabilities that Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities Catalog, adding critical vulnerabilities from Fortinet and Ivanti. These vulnerabilities are actively exploited in the wild, posing significant risks to organizations worldwide. CISA urges immediate action…
Network Penetration Testing Checklist – 2024
Network Penetration Testing checklist determines vulnerabilities in the network posture by discovering open ports, troubleshooting live systems, and services, and grabbing system banners. The pen-testing helps the administrator close unused ports, add additional services, hide or customize banners, troubleshoot services, and…
Hackers Breached Japan Aerospace Company’s President Account
Hackers have infiltrated the Japan Aerospace Exploration Agency (JAXA), compromising the accounts of several high-ranking officials, including President Hiroshi Yamakawa. This alarming incident is part of a series of cyberattacks targeting JAXA since June 2023, raising concerns about the security…
Dark Angels Ransomware Attacking Windows And Linux/ESXi Systems
The sophisticated ransomware group Dark Angels, active since 2022, targets large companies for substantial ransom payments by employing third-party ransomware payloads like Babuk, RTM Locker, and RagnarLocker to encrypt files on Windows and Linux systems. It employs ransomware in a…